ID

VAR-202308-1258


CVE

CVE-2023-39468


TITLE

Triangle MicroWorks of SCADA Data Gateway Vulnerabilities related to exposing dangerous methods and functions in

Trust: 0.8

sources: JVNDB: JVNDB-2023-029197

DESCRIPTION

Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the DbasSectorFileToExecuteOnReset parameter. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20799. (DoS) It may be in a state

Trust: 2.79

sources: NVD: CVE-2023-39468 // JVNDB: JVNDB-2023-029197 // ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-10578

AFFECTED PRODUCTS

vendor: triangle microworks, model: scada data gateway, scope: -, version: -

Trust: 1.5

vendor: trianglemicroworks, model: scada data gateway, scope: eq, version: 5.1.3.20324

Trust: 1.0

vendor: triangle microworks, model: scada data gateway, scope: eq, version: 5.1.3.20324

Trust: 0.8

vendor: triangle microworks, model: scada data gateway, scope: eq, version: -

Trust: 0.8

vendor: triangle, model: microworks scada data gateway, scope: -, version: -

Trust: 0.6

sources: ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578 // JVNDB: JVNDB-2023-029197 // NVD: CVE-2023-39468

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com: CVE-2023-39468
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-029197
value: HIGH

Trust: 0.8

ZDI: CVE-2023-39468
value: HIGH

Trust: 0.7

CNVD: CNVD-2025-10578
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-10578
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:L/AU:M/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2023-39468
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.0

OTHER: JVNDB-2023-029197
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2023-39468
baseSeverity: HIGH
baseScore: 7.2
vectorString: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578 // JVNDB: JVNDB-2023-029197 // NVD: CVE-2023-39468

PROBLEMTYPE DATA

problemtype: CWE-749

Trust: 1.0

problemtype: Exposing dangerous methods or functions (CWE-749) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-029197 // NVD: CVE-2023-39468

PATCH

title: Triangle MicroWorks has issued an update to correct this vulnerability.
url: https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new

Trust: 0.7

title: Patch for Triangle MicroWorks SCADA Data Gateway Arbitrary Code Execution Vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/689626

Trust: 0.6

sources: ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578

EXTERNAL IDS

db: NVD, id: CVE-2023-39468

Trust: 3.9

db: ZDI, id: ZDI-23-1036

Trust: 3.1

db: JVNDB, id: JVNDB-2023-029197

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-20799

Trust: 0.7

db: CNVD, id: CNVD-2025-10578

Trust: 0.6

sources: ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578 // JVNDB: JVNDB-2023-029197 // NVD: CVE-2023-39468

REFERENCES

url: https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new

Trust: 2.5

url: https://www.zerodayinitiative.com/advisories/zdi-23-1036/

Trust: 2.4

url: https://nvd.nist.gov/vuln/detail/cve-2023-39468

Trust: 0.8

sources: ZDI: ZDI-23-1036 // CNVD: CNVD-2025-10578 // JVNDB: JVNDB-2023-029197 // NVD: CVE-2023-39468

CREDITS

Uri Katz of Claroty Team82

Trust: 0.7

sources: ZDI: ZDI-23-1036

SOURCES

db: ZDI, id: ZDI-23-1036
db: CNVD, id: CNVD-2025-10578
db: JVNDB, id: JVNDB-2023-029197
db: NVD, id: CVE-2023-39468

LAST UPDATE DATE

2025-06-20T23:17:42.142000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-23-1036, date: 2023-08-04T00:00:00
db: CNVD, id: CNVD-2025-10578, date: 2025-05-23T00:00:00
db: JVNDB, id: JVNDB-2023-029197, date: 2025-06-19T01:10:00
db: NVD, id: CVE-2023-39468, date: 2025-06-17T21:02:53.483

SOURCES RELEASE DATE

db: ZDI, id: ZDI-23-1036, date: 2023-08-04T00:00:00
db: CNVD, id: CNVD-2025-10578, date: 2025-05-21T00:00:00
db: JVNDB, id: JVNDB-2023-029197, date: 2025-06-19T00:00:00
db: NVD, id: CVE-2023-39468, date: 2024-05-03T03:15:12.563